@shinnok
Last active September 4, 2016 04:45
Block ads and trackers using the hosts(5) file on OS X
#!/bin/bash
# Block ads and trackers using the HOSTS(5) file on OSX
#
# The script also has some pfsense fu, for more details on this script visit
# http://shinnok.com/rants/2015/04/05/blocking-ads-and-trackers-using-hosts/
#
# Dependencies:
# * git
# * curl
# * links - the www text browser
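# --- Option parsing ---------------------------------------------------------
# -f / --firewall additionally installs the pf anchors and the Emerging
# Threats rule set (the script calls this mode PFSENSE).
PFSENSE=false
if [ "$1" == "--firewall" ] || [ "$1" == "-f" ]; then
  PFSENSE=true
fi

# Everything below rewrites files under /etc, so root is required.
if [ "$(whoami)" != "root" ]; then
  echo "I'm not root. Please sudo."
  exit 1
fi

# All relative paths below are relative to /etc. Stop if we cannot get there
# instead of operating on whatever the current directory happens to be.
cd /etc/ || exit 1

# /etc must be under git: the diff/commit step further down is the only
# review and rollback mechanism for the downloaded content.
if ! git status >/dev/null 2>&1; then
  echo "No git repository found in /etc/. Initializing one is seriously encouraged if you want to use this script."
  exit 1
fi

# First run: seed hosts.d with the current hosts file and an empty file for
# local additions. /etc/hosts is later rebuilt from hosts.d/* in glob order.
if [ ! -d "./hosts.d" ]; then
  echo "Initializing hosts.d..."
  mkdir ./hosts.d || exit 1
  cp ./hosts ./hosts.d/hosts.1.head || exit 1
  touch ./hosts.d/hosts.2.custom || exit 1
  echo "You can custom host lookup rules in /etc/hosts.d/hosts.2.custom."
fi

echo "Updating..."
type links >/dev/null 2>&1 || { echo >&2 "I need the links tool to parse html pages. Aborting."; exit 1; }

# Downloads are staged in a private temporary directory and only copied into
# /etc once they completed and are non-empty, so a failed or truncated fetch
# cannot replace a working block list or rule set.
# (Explicit template: BSD mktemp on older OS X requires one.)
tmpdir=$(mktemp -d "${TMPDIR:-/tmp}/hosts-update.XXXXXX") || exit 1
trap 'rm -rf -- "$tmpdir"' EXIT

# NOTE(review): the list is third-party content that ends up in /etc/hosts
# verbatim. The git diff and the y/n prompt below are the review step; read
# the diff before answering "y".
if ! links -dump https://hosts.neocities.org/ > "$tmpdir/hosts.raw"; then
  echo >&2 "Downloading the hosts block list failed. /etc/hosts left untouched."
  exit 1
fi
# links indents the dumped page; strip the leading spaces.
sed 's/^ *//' "$tmpdir/hosts.raw" > "$tmpdir/hosts.3.adblock" || exit 1
if [ ! -s "$tmpdir/hosts.3.adblock" ]; then
  echo >&2 "Downloaded hosts block list is empty. /etc/hosts left untouched."
  exit 1
fi
# cat (not mv) keeps the ownership and mode of an existing target file.
cat "$tmpdir/hosts.3.adblock" > /etc/hosts.d/hosts.3.adblock || exit 1
cat /etc/hosts.d/* > /etc/hosts || exit 1

if [ "$PFSENSE" == "true" ]; then
  # The anchors are installed once; the marker is the "emerging-threats"
  # string in pf.conf.
  if ! grep emerging-threats ./pf.conf >/dev/null; then
    echo "Adding pf anchors..."
    # Create the files the anchors refer to first and touch pf.conf last, so
    # a failure here never leaves pf.conf pointing at missing files while the
    # marker check above already reports the setup as done.
    mkdir -p ./pf.rules ./pf.anchors || exit 1
    touch ./pf.rules/ip-block.pf || exit 1
    cat > pf.anchors/ip-block <<END || exit 1
table <ip_block> persist file "/etc/pf.rules/ip-block.pf"
block log quick from <ip_block> to any
block log quick from any to <ip_block>
END
    cat >> pf.conf <<END || exit 1
anchor "ip-block"
load anchor "ip-block" from "/etc/pf.anchors/ip-block"
anchor "emerging-threats"
load anchor "emerging-threats" from "/etc/pf.anchors/emerging-threats"
END
    echo "You can block individual ip addresses or ranges in /etc/pf.rules/ip-block.pf."
  fi

  # The rule set is loaded into pf as root, so it is fetched over HTTPS
  # (integrity in transit) and with --fail, so an HTTP error page is never
  # written into the anchor file. Errors are reported instead of discarded.
  if curl --fail --silent --show-error \
    https://rules.emergingthreats.net/fwrules/emerging-PF-ALL.rules \
    -o "$tmpdir/emerging-threats" && [ -s "$tmpdir/emerging-threats" ]; then
    cat "$tmpdir/emerging-threats" > /etc/pf.anchors/emerging-threats || exit 1
  else
    echo >&2 "Could not download the Emerging Threats rules; /etc/pf.anchors/emerging-threats left as it was."
  fi
fi

# git diff prints the changes for review and exits 0 when there are none.
if git diff --exit-code ./hosts ./pf.anchors; then
  echo "No updates."
  exit
fi

echo "Commit changes(y/n)?"
read -r response
if [ "$response" == "y" ]; then
  # Files created by this script (hosts.d/*, new anchors) are untracked on the
  # first run and "git commit <path>" rejects untracked paths, so stage them
  # explicitly first.
  if ! { git add -- ./hosts ./hosts.d/ ./pf.anchors/ &&
    git commit -m "Update hosts and pfsense block lists." -- ./hosts ./hosts.d/ ./pf.anchors/; }; then
    echo >&2 "git commit failed; the updated files are in place but not recorded in the /etc repository."
  fi

  # Flush the resolver caches so the new hosts entries take effect.
  # discoveryutil only ships with some OS X releases; fall back to the
  # dscacheutil/mDNSResponder pair elsewhere.
  if command -v discoveryutil >/dev/null 2>&1; then
    discoveryutil mdnsflushcache
    discoveryutil udnsflushcaches
  else
    dscacheutil -flushcache
    killall -HUP mDNSResponder
  fi

  if [ "$PFSENSE" == "true" ]; then
    pfctl -f /etc/pf.conf
  fi
else
  echo "Please investigate. Revert /etc/hosts if suspicious. Rules not pointing at 0.0.0.0 in /etc/hosts:"
  # Patterns are quoted, the dots are literal and the address must be followed
  # by whitespace, so only entries for exactly 0.0.0.0 are filtered out as
  # benign; everything else is listed for inspection.
  grep -v -e '^0\.0\.0\.0[[:space:]]' -e '^#' /etc/hosts
fi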